CVE-2014-0336
Serena Dimensions CM 12.2 build 7.199.0 - Cross-Site Request Forgery via adminconsole/ URI
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that use the user_new_master parameter to the adminconsole/ URI.
References (1)
Core 1
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/823452
Scores
EPSS
0.0070
EPSS Percentile
48.9%
Details
CWE
CWE-352
Status
published
Products (1)
serena/dimensions_cm
12.2 build7.199.0
Published
Mar 06, 2014
Tracked Since
Feb 18, 2026